STATE_DISABLED STATE_ENABLED OCSP_STAPLING_HASH_UNKNOWN OCSP_STAPLING_HASH_SHA1 OCSP_STAPLING_HASH_SHA256 Gets a list of OCSP stapling parameters.

Creates the specified OCSP stapling parameters, using proxy addresses pool or DNS resolver. If 'use_proxy_server_states' is enabled, the OCSP requests will be sent to a proxy server that in turn sends the requests to the OCSP responder. Otherwise, DNS resolver must be specified for the system to make external http requests.

Deletes a set of OCSP stapling parameters.

Deletes all OCSP stapling parameters.

Sets the states controlling whether the OCSP request has to be forwarded to a proxy server or to a DNS resolver for the specified OCSP stapling parameters. If enabled, the request will be forwarded to the proxy server; Otherwise, to the DNS resolver.

Gets the states controlling whether the OCSP request has to be forwarded to a proxy server for the specified OCSP stapling parameters.

Sets the proxy server pool that the OCSP request will be forwarded to for the specified OCSP stapling parameters.

Gets the proxy server pools that the OCSP request will be forwarded to for the specified OCSP stapling parameters.

Sets the DNS resolver for the specified OCSP stapling parameters.

Gets the DNS resolver for the specified OCSP stapling parameters.

Sets the trusted certificate authorities file object names for the specified OCSP stapling parameters.

Gets the trusted certificate authorities file object names for the specified OCSP stapling parameters.

Sets the file object names of the trusted responder certificates for the specified OCSP stapling parameters.

Gets the file object names of the trusted responder certificates for the specified OCSP stapling parameters.

Sets the responder URL for the specified OCSP stapling parameters. If a URL for the certificate's OCSP server is not present in Authority Information Access (AIA) extension, the responser URL will be used to send the status request.

Gets the responder URL for the specified OCSP stapling parameters.

Sets the signer private keys that are used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the signer private keys that are used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the passphrase of the signer keys for the specified OCSP stapling parameters.

Sets the signer certificates that are used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the signer certificates that are used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the hash algorithm used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the hash algorithm used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the timeout for fetching OCSP response for the specified OCSP stapling parameters.

Gets the timeout for fetching OCSP response for the specified OCSP stapling parameters.

Sets the maximum time skew between the OCSP responder and the system's clocks for the specified OCSP stapling parameters. Clock skew is the tolerable absolute difference in the clocks between the responder and the system.

Gets the maximum time skew between the OCSP responder and clients' clocks for the specified OCSP stapling parameters.

Sets the status age, in seconds, for the specified OCSP stapling parameters. This specifies the maximum allowed lag time for the 'thisUpdate' time in the OCSP response that the BIG-IP accepts. If this maximum is exceeded, the response is dropped. If this value is set to '0', this validation is skipped. The default value is 86400 seconds.

Gets the status age for the specified OCSP stapling parameters.

Sets the cache timeouts, in seconds, for the specified OCSP stapling parameters. The lifetime of OCSP response cache is set to the lower value of the validity of the response and the configured cache timeout.

Gets the cache timeouts for the specified OCSP stapling parameters.

Sets the cache error timeouts for the specified OCSP stapling parameters. If the OCSP response indicates an error, the response will be cached for the duration specified in cache error timeout.

Gets the cache error timeouts for the specified OCSP stapling parameters.

Sets the strict responder certificate checking states for the specified OCSP stapling parameters. If enabled, the system explicitly checks that the response signer's certificate is authorized for OCSP response signing, by checking for OCSP signing extension in the signer's certificate.

Gets the strict responder certificate checking states for the specified OCSP stapling parameters.

Sets the description for a set of OCSP stapling parameters. This is an arbitrary field which can be used for any purpose.

Gets the descriptions for a set of OCSP stapling parameters.

Gets the version information for this interface.

Gets a list of OCSP stapling parameters.

Creates the specified OCSP stapling parameters, using proxy addresses pool or DNS resolver. If 'use_proxy_server_states' is enabled, the OCSP requests will be sent to a proxy server that in turn sends the requests to the OCSP responder. Otherwise, DNS resolver must be specified for the system to make external http requests.

Deletes a set of OCSP stapling parameters.

Deletes all OCSP stapling parameters.

Sets the states controlling whether the OCSP request has to be forwarded to a proxy server or to a DNS resolver for the specified OCSP stapling parameters. If enabled, the request will be forwarded to the proxy server; Otherwise, to the DNS resolver.

Gets the states controlling whether the OCSP request has to be forwarded to a proxy server for the specified OCSP stapling parameters.

Sets the proxy server pool that the OCSP request will be forwarded to for the specified OCSP stapling parameters.

Gets the proxy server pools that the OCSP request will be forwarded to for the specified OCSP stapling parameters.

Sets the DNS resolver for the specified OCSP stapling parameters.

Gets the DNS resolver for the specified OCSP stapling parameters.

Sets the trusted certificate authorities file object names for the specified OCSP stapling parameters.

Gets the trusted certificate authorities file object names for the specified OCSP stapling parameters.

Sets the file object names of the trusted responder certificates for the specified OCSP stapling parameters.

Gets the file object names of the trusted responder certificates for the specified OCSP stapling parameters.

Sets the responder URL for the specified OCSP stapling parameters. If a URL for the certificate's OCSP server is not present in Authority Information Access (AIA) extension, the responser URL will be used to send the status request.

Gets the responder URL for the specified OCSP stapling parameters.

Sets the signer private keys that are used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the signer private keys that are used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the passphrase of the signer keys for the specified OCSP stapling parameters.

Sets the signer certificates that are used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the signer certificates that are used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the hash algorithm used to sign the OCSP request for the specified OCSP stapling parameters.

Gets the hash algorithm used to sign the OCSP request for the specified OCSP stapling parameters.

Sets the timeout for fetching OCSP response for the specified OCSP stapling parameters.

Gets the timeout for fetching OCSP response for the specified OCSP stapling parameters.

Sets the maximum time skew between the OCSP responder and the system's clocks for the specified OCSP stapling parameters. Clock skew is the tolerable absolute difference in the clocks between the responder and the system.

Gets the maximum time skew between the OCSP responder and clients' clocks for the specified OCSP stapling parameters.

Sets the status age, in seconds, for the specified OCSP stapling parameters. This specifies the maximum allowed lag time for the 'thisUpdate' time in the OCSP response that the BIG-IP accepts. If this maximum is exceeded, the response is dropped. If this value is set to '0', this validation is skipped. The default value is 86400 seconds.

Gets the status age for the specified OCSP stapling parameters.

Sets the cache timeouts, in seconds, for the specified OCSP stapling parameters. The lifetime of OCSP response cache is set to the lower value of the validity of the response and the configured cache timeout.

Gets the cache timeouts for the specified OCSP stapling parameters.

Sets the cache error timeouts for the specified OCSP stapling parameters. If the OCSP response indicates an error, the response will be cached for the duration specified in cache error timeout.

Gets the cache error timeouts for the specified OCSP stapling parameters.

Sets the strict responder certificate checking states for the specified OCSP stapling parameters. If enabled, the system explicitly checks that the response signer's certificate is authorized for OCSP response signing, by checking for OCSP signing extension in the signer's certificate.

Gets the strict responder certificate checking states for the specified OCSP stapling parameters.

Sets the description for a set of OCSP stapling parameters. This is an arbitrary field which can be used for any purpose.

Gets the descriptions for a set of OCSP stapling parameters.

Gets the version information for this interface.

The OCSPStaplingParameters interface enables you to manipulate the Online Certificate Status Protocol stapling parameters. OCSP stapling parameters specify the options needed for the TLS extension of certificate status request. This set of parameters is associated with a certificate-key-chain object in a clientSSL profile.